Closed ljharb closed 3 years ago
Changes Missing Coverage | Covered Lines | Changed/Added Lines | % | ||
---|---|---|---|---|---|
src/truncateTableData.js | 0 | 1 | 0.0% | ||
<!-- | Total: | 16 | 17 | 94.12% | --> |
Totals | |
---|---|
Change from base Build 236: | 0.0% |
Covered Lines: | 172 |
Relevant Lines: | 236 |
Although lodash v4.17.21 was released, resolving these CVEs, this PR would still avoid future such issues.
:tada: This PR is included in version 6.0.8 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
lodash gets lots of CVEs, and has 2 on it right now that don't actually apply to you.
Depending on the base package, even with the babel plugin, still causes your consumers to all see vulnerability warnings.
This changes to use alternatives. In most cases I stuck with the
lodash.foo
packages; if you prefer those over the 3 cases where i switched to my own packages, i'm happy to switch them.I also removed a bunch of lint warnings that seem to be failing on master.